<?php
	/**
		Processes logging in
		
		@author Joseph Fehrman
	*/
	$username = $_POST['username'];
	$password = $_POST['password'];
	$hashPass = hash('sha256', $password);
	include_once("../db/connection.php");

	//Selects user from database based on un and pw
	$sql = "SELECT * FROM USERS WHERE username='$username' AND password='$hashPass'";
	$results = mysqli_query($conn, $sql) OR DIE("SQL error: " . $sql);
	$row = mysqli_fetch_array($results, MYSQLI_NUM);
	//if user exist
	if($row[0] !=null){
		setcookie('username', $username, time()+3600, "/");
		header("Location: ../index.php");
	}else{
	//if no user exist
		header("Location: ../loginFailure.html");
	}
	mysqli_close($conn);
?>